Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-wfgeB--XomHA5nlwr3jX6Z6Two.roa
File: 1-wfgeB--XomHA5nlwr3jX6Z6Two.roa (raw, json)
Hash identifier: 8umjZySR/QPNeljolGaIROC6TDiQ+PJAuLoGNPPqm6s=
Subject key identifier: FB:07:E0:78:1F:BE:5E:89:87:03:99:E5:C2:BD:E3:5F:A6:7A:4F:0A
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 082F633B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-wfgeB--XomHA5nlwr3jX6Z6Two.roa
Signing time: Fri 18 Mar 2022 13:49:07 +0000
ROA not before: Fri 18 Mar 2022 13:49:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137323323 (0x82f633b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 18 13:49:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb07e0781fbe5e89870399e5c2bde35fa67a4f0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:68:91:f7:1e:09:68:eb:ef:62:5f:94:f4:02:
bb:34:7f:0a:ef:17:d2:12:73:41:ec:4b:30:6d:08:
12:61:98:22:84:9a:be:55:55:0c:65:61:e0:01:48:
af:24:6b:e9:49:f4:72:c9:49:92:d7:ea:55:1b:ec:
f5:13:bc:7f:51:c8:ef:a0:e1:53:e9:f8:33:94:5a:
04:7c:21:26:9e:de:66:32:f0:8e:2d:86:41:05:96:
3c:bf:76:6d:19:4a:14:4c:f6:68:62:0f:dc:48:eb:
3d:d1:03:3b:7c:44:79:ac:4e:be:c1:1a:70:31:83:
f5:6e:cb:ab:14:03:eb:47:79:b7:dc:18:55:48:d5:
a0:b6:f9:da:b2:c3:bd:c4:58:8d:2b:18:4a:57:07:
d4:ea:9b:40:86:0c:e7:d3:e1:6b:71:f9:fd:8f:e0:
32:1f:7f:7d:8d:c2:ac:37:eb:0d:6b:88:62:b0:83:
a2:8e:5d:de:b4:b5:6b:94:4b:0a:b5:b0:85:b2:81:
00:ee:a0:9e:29:d8:5c:eb:91:35:00:58:a1:7e:6a:
4e:56:86:ab:bf:c9:b5:ef:08:b5:bd:56:81:7e:e3:
c3:22:74:89:20:a4:e2:ff:4d:77:71:d2:29:fb:fb:
c7:26:ca:04:cd:59:90:60:16:0f:bf:9d:83:48:83:
06:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:07:E0:78:1F:BE:5E:89:87:03:99:E5:C2:BD:E3:5F:A6:7A:4F:0A
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-wfgeB--XomHA5nlwr3jX6Z6Two.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.157.0/24
185.230.14.0/24
213.209.130.0/24
213.209.133.0/24
213.209.136.0/24
213.209.138.0/24
213.209.145.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
67:a4:86:1b:38:53:07:b1:f3:bb:d8:ca:f9:cb:ab:d9:3a:29:
58:b7:26:4e:cf:f8:3d:60:f7:28:34:f1:7b:39:a1:0f:34:cd:
de:88:4e:32:cb:3f:b5:73:76:6a:e1:e7:5b:4c:08:1a:4a:78:
d9:41:c9:4f:d6:d1:4c:83:1a:20:bf:f5:c9:86:9e:6c:e9:ac:
f1:cd:c2:66:45:d6:94:88:81:32:14:45:90:b8:c3:da:46:3c:
8e:d7:d7:06:95:16:11:fb:f7:b2:9b:2e:65:65:a5:9b:22:b6:
6d:09:cf:5b:f7:1f:dd:cc:9b:c3:14:32:c8:62:4d:3e:ec:84:
fa:30:91:d1:8b:00:d4:cc:bd:7e:c5:11:5b:ec:35:d9:10:af:
85:51:a8:e1:82:ab:c6:db:2f:14:a8:cb:ba:02:67:b1:c3:f1:
9c:2a:78:cf:15:82:b0:c7:5b:03:fa:15:86:cf:cb:c3:90:bd:
ab:a5:01:89:8d:dd:0c:3d:45:38:4c:02:54:f5:99:3c:7b:a9:
56:9f:31:aa:79:72:63:cc:eb:ac:56:a7:eb:f2:b1:5a:a2:4e:
71:0b:1e:9e:5e:0b:b8:35:76:10:67:be:02:3b:3a:48:f6:91:
ab:8c:68:2d:d2:7a:52:a9:29:2c:91:94:3e:5c:9a:0a:7e:0b:
43:5c:10:31
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIECC9jOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMx
ODEzNDkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmIwN2UwNzgxZmJl
NWU4OTg3MDM5OWU1YzJiZGUzNWZhNjdhNGYwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJokfceCWjr72JflPQCuzR/Cu8X0hJzQexLMG0IEmGYIoSa
vlVVDGVh4AFIryRr6Un0cslJktfqVRvs9RO8f1HI76DhU+n4M5RaBHwhJp7eZjLw
ji2GQQWWPL92bRlKFEz2aGIP3EjrPdEDO3xEeaxOvsEacDGD9W7LqxQD60d5t9wY
VUjVoLb52rLDvcRYjSsYSlcH1OqbQIYM59Pha3H5/Y/gMh9/fY3CrDfrDWuIYrCD
oo5d3rS1a5RLCrWwhbKBAO6gninYXOuRNQBYoX5qTlaGq7/Jte8Itb1WgX7jwyJ0
iSCk4v9Nd3HSKfv7xybKBM1ZkGAWD7+dg0iDBmcCAwEAAaOCAoUwggKBMB0GA1Ud
DgQWBBT7B+B4H75eiYcDmeXCveNfpnpPCjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
LzEtd2ZnZUItLVhvbUhBNW5sd3Izalg2WjZUd28ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0
L2Q5MGM2Zi02NTc2LTQ2YjktODMxMy02Y2JmZjNjNGRhMDEvMS9PMGR1RXVpWWZs
c3dMTndrdmRuYlAtZzhoRWsuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
gZkGCCsGAQUFBwEHAQH/BIGJMIGGMG4EAgABMGgwDAMEB01agAMEAE1agjAMAwQC
TVqEAwQATVqKAwQATVqMMAwDBAFNWo4DBABNWpAwDAMEAU1akgMEAE1alAMEAE1a
nQMEALnmDgMEANXRggMEANXRhQMEANXRiAMEANXRigMEANXRkTAUBAIAAjAOAwUA
KgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAGekhhs4Uwex87vYyvnLq9k6
KVi3Jk7P+D1g9yg08Xs5oQ80zd6ITjLLP7Vzdmrh51tMCBpKeNlByU/W0UyDGiC/
9cmGnmzprPHNwmZF1pSIgTIURZC4w9pGPI7X1waVFhH797KbLmVlpZsitm0Jz1v3
H93Mm8MUMshiTT7shPowkdGLANTMvX7FEVvsNdkQr4VRqOGCq8bbLxSoy7oCZ7HD
8ZwqeM8VgrDHWwP6FYbPy8OQvaulAYmN3Qw9RThMAlT1mTx7qVafMap5cmPM66xW
p+vysVqiTnELHp5eC7g1dhBnvgI7Okj2kauMaC3SelKpKSyRlD5cmgp+C0NcEDE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org